怎么配置ssl证书

phpsutdy-爱好者    2019-07-26 20:36:452楼

V8版本 创建站点 选择443端口就可以了

赞 +0添加回复

逆流而上    2019-07-25 21:47:371楼

apache部署

<VirtualHost 0.0.0.0:443>

   DocumentRoot "/var/www/html"

   ServerName www.domain.xx

   SSLEngine on

   SSLCertificateFile /etc/httpd/ssl/2_www.domain.xx_cert.crt

   SSLCertificateKeyFile /etc/httpd/ssl/3_www.domain.xx.key

   SSLCertificateChainFile /etc/httpd/ssl/1_root_bundle.crt

</VirtualHost>

<Directory "/var/www/html">

   # 设置强制访问https

   RewriteEngine on

   RewriteCond %{SERVER_PORT} !^443$

   RewriteRule ^(.*)?$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

</Directory>

nginx部署

server {

listen 443;

server_name www.domain.xx; #填写绑定证书的域名

ssl on;

root /var/www/www.domain.xx; #网站主页路径。此路径仅供参考，具体请您按照实际目录操作。

index index.html index.htm;  

ssl_certificate  1_www.domain.xx_bundle.crt; #证书文件名称

ssl_certificate_key 2_www.domain.xx.key; #私钥文件名称

ssl_session_timeout 5m;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;

# 可加可不加，严格的ssl检测使用

add_header Strict-Transport-Security "max-age=31536000";

location / {

  index index.html index.htm;

}

}

# 设置强制访问https

server {

listen 80;

server_name www.domain.xx; #填写绑定证书的域名

rewrite ^(.*)$ https://$host$1 permanent; #把http的域名请求转成https

}

# 如果两个端口监听写到一个配置段

# 强制走https协议

if ($server_port !~ 443){

       rewrite ^(/.*)$ https://$host$1 permanent;

}

赞 +0添加回复